With the decision of the governments to close educational institutions and workplaces in an effort to limit its spread COVID-19/Coronavirus, many of us will need to connect remotely to work / school networks, further burdening online resources.
We will also see many who are accustomed to protection which offers a corporate / educational network to work remotely for the first time. This, combined with opportunistic attacks by digital criminals who take advantage of people's fears about the disease, could create a "perfect storm" for criminal activity.
Working or training from home for the first time can seem daunting, especially to those who are not accustomed to being responsible for their own digital security. Connecting remotely to school or work networks offers flexibility in where and how we work, but can also present some challenges and potential security risks.
In addition, many organizations are not telework-oriented and thus try to understand the challenges in real time, under exceptional circumstances, while for some it is more common and an opportunity to review security around remote access to corporate systems.
Once a device is out of the corporate network infrastructure and connected to new networks and WIFI, the risks widen and increase. Here are some simple steps that users and organizations can take to reduce the digital risks associated with remote connection.
Tips for users:
- Protect all your devices with a trusted cybersecurity product, including portable devices.
- Always apply the latest updates to your operating systems and applications as soon as they become available.
- Use only applications from trusted sources, e.g. Google Play, the App Store or the trusted educational portal you use or those provided to you by your work or educational institution.
- Use only trusted networks for online activities. If it is not your network and you need to connect to the internet, use a VPN (Virtual Private Network) to secure your connection.
- Always enter web addresses. Do not click on links or attachments and do not reply to spam.
- Create backups των δεδομένων σας τακτικά σε μια εξωτερική μονάδα δίσκου που κρατάτε εκτός σύνδεσης για να αποφύγετε την απώλεια της εργασίας σας.
Tips for organizations:
- Provide a VPN so that staff can connect securely to the corporate network.
- All corporate devices - including mobile phones and laptops - should be protected with appropriate security software (e.g., allow data to be deleted from devices that have been reported as lost or stolen, separating personal and work data and restricting applications that can be installed).
- Always apply the latest updates to operating systems and applications.
- Restrict the access rights of people connected to the corporate network.
- Make sure staff are aware of the risks of responding to spam.
"We encourage organizations to be especially vigilant at this juncture and to ensure that remote employees show the necessary care. Organizations should communicate with employees clearly so that they are aware of the risks and do what they can to facilitate teleworking for those isolated or connected from home. ”
“Εκτός από την αύξηση της τηλεργασία, διαπιστώσαμε επίσης ότι οι εγκληματίες του κυβερνοχώρου προσπαθούν να εκμεταλλευτούν τον ιό, κρύβοντας κακόβουλα αρχεία σε έγγραφα που υποτίθεται ότι σχετίζονται με την disease. Έτσι, με αυτήν την ευκαιριακή προσέγγιση από τους εγκληματίες, σε συνδυασμό με τις αλλαγές στις εργασιακές συνήθειες, οι επιχειρήσεις οφείλουν να είναι πολύ προσεκτικές τη δεδομένη στιγμή», σχολιάζει ο David Emm, principal security researcher, Kaspersky.